Entries in this category provide IT staff with the tools necessary to create, group and manage large numbers of digital identities.

Among the field of entries in this category, we found many options for moving away from passwords as an authentication system. Were still some years away from seeing the user-name-plus-password combination lose its No. 1 spot as an authentication system, but change is coming. The average human user simply cant deal well with passwords complex enough to be secure choices.

We think organizations will eventually be required either by necessity or by regulation to stop using passwords and switch to smart cards, token cards or biometric systems, in combination with public-key infrastructures.
We chose finalist BioNetrix Authentication Suite for the many authentication systems it allows and its broad reach: Novell Inc. and Microsoft Corp. networks, plus Web applications and several enterprise resource planning systems.
RSA ClearTrust is for only Web-based applications, but it offers a complete set of features in this space, including strong delegation and intrusion detection features.

The overall winner is Waveset Lighthouse 1.6, which stood above the rest for its ability to manage multiple operating system and application user directories through a single interface, its user self-service features such as password resets, and its ability to enable single sign-on across Web and non-Web applications. Timothy Dyck